Trojanized PuTTY for Windows users: another reason to not to

So, here you are, using PuTTY to connect to legitimate operating systems… Linux, AIX, BSD, Unix, etc. Being proactive, while still trudging along on Windows. Maybe you’re forced to because they won’t let you reload your computer… I won’t judge.

But, there’s always a but… Symantec reported this week that there is a version of PuTTY that’s been out for a few months now, and if you’re using it, all your credentials have been compromised.

How can you tell if you’re affected? Pretty simple. The fix? Also pretty simple. The Aftermath? Well, that’s yet to be seen. You may have thousands of servers to recredential, not to mention the scanning for intrusions and wayward user accounts.

The test:

Simply open the PuTTY window, and click “About” in the lower left. The bad versions will look like this.

This is the bad version of PuTTY. Maybe you should upgrade?

The key words there are the “Unidentified build”. If it just says version 0.63 you may be at risk, but not infected.
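
To run the same check across many machines without opening each About box, the sketch below (an added example, not from the original post or from Symantec) searches `putty*.exe` files on disk for the “Unidentified build” text. It assumes the About-box string is stored as plain ASCII or UTF-16 inside the binary; a hit means the file deserves a closer look, and no hit does not prove a binary is clean.

```python
import os
import sys

MARKER = "Unidentified build"  # About-box text the post flags

def has_marker(path, marker=MARKER, chunk_size=1 << 20):
    """Return True if the file holds the marker as ASCII or UTF-16LE text."""
    needles = [marker.encode("ascii"), marker.encode("utf-16-le")]
    overlap = max(len(n) for n in needles) - 1
    tail = b""
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                return False
            buf = tail + chunk
            if any(n in buf for n in needles):
                return True
            tail = buf[-overlap:]  # keep enough bytes to catch a split match

def scan(root):
    """Walk root; return sorted paths of putty*.exe files that hold the marker."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            low = name.lower()
            if not (low.startswith("putty") and low.endswith(".exe")):
                continue
            full = os.path.join(dirpath, name)
            try:
                if has_marker(full):
                    hits.append(full)
            except OSError:
                print(f"skipped (unreadable): {full}", file=sys.stderr)
    return sorted(hits)

if __name__ == "__main__":
    # Usage: python scan_putty.py <dir> [<dir> ...]  (script name is an example)
    roots = sys.argv[1:] or ["."]
    found = [p for r in roots for p in scan(r)]
    for path in found:
        print(f"REVIEW: {path} contains {MARKER!r}")
    sys.exit(1 if found else 0)
```

The non-zero exit code on a hit lets the script be dropped into a software-inventory or login-script job that flags hosts for follow-up.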

The fix:

Just get the most recent version, or downgrade if you really wanna, but don’t get version 0.63. Who am I kidding….just upgrade already.

The aftermath:

I’ll leave that between you, your sysadmins, and your boss. May whatever god(s) you believe in have mercy on your soul.